Output Reference

The output includes one or more compromised entity documents, a.k.a docs.

Main Section

The output includes one or more compromised entity documents.

Field NameDecriptionType
docsList of one or more compromised entitiesObject {XXX Link to ... XXX}
totalDocsThe total number of documents matching your queryInteger
moreDocsAvailableHow many more documents are availableInteger
nextA URL to get the next batch of documents matching your queryString
requestsLeftHow many more records are available in your current subscription planInteger

Document Object

Each document represents a single Compromised entity.

Field NameDescriptionType
valueCompromised entity value.
e.g. [email protected]
String
typeType of compromised entity.
Possible Values:

  • "email"
  • "Creditcard"
  • "SSN"
  • "PHONE"
  • "ACCOUNT_NAME"
  • "PASSPORT"

String
uuidA unique ID representing the compromised entityString
crawledThe date/time when the compromised entity was first leaked.
{XXX XXX}
Date
Format:
yyyy-MM-dd'T'HH:mm:ss.SSSXXX
updated (See the note below)The date/time the compromised entity was updated.Date
Format:
yyyy-MM-dd'T'HH:mm:ss.SSSXXX
leaksAn array of leaked records of the compromised entityObject

📘

About the updated field:

The updated field is used as follows:

  • The Crawler first extracts the breach so crawled=updated
  • The Crawler detects a change in the breach. updated is changed but crawled field does not change

Leaked Record Object

Each record represents a mention of the compromised entity as part of a breach (list of leaked records).
A breach is provided in one of two flavors:

  • File - breached database or file found in a file hosting by Webhose Collection platform.
  • Snippet - part of a post in the dark networks, either a discussion threat or blog or paste.
Field NameDescriptionType
uuidA unique ID representing the breachString
nameThe name of the breachString
filenameThe name of the compromised fileString
breach_dateThe official date of the breachDate
Format:
yyyy-MM-dd'T'HH:mm:ss.SSSXXX
fieldsList of compromised fields detected as part of the breachArray[Strings]
networkThe name of the dark network , where the breach was found.
Possible Values:

  • "email"
  • "Creditcard"
  • "SSN"
  • "PHONE"
  • "ACCOUNT_NAME"
  • "PASSPORT"

String
domainThe domain of the site where the breach was found.String
cyber_doc_refThe official URL of the leaked mentionString
crawledThe date/time when the breach was crawled.Date
Format:
yyyy-MM-dd'T'HH:mm:ss.SSSXXX
additional_infoAn extended object providing more information on the compromised contentObject

Additional_Info Object

This object is part of the leaked record and might be different per Entity.

Field NameDescriptionRelevant to ParameterType
passwordThe sanitized password relevant to the compromised entityemail, account_nameString
is_hashedIs the password was hashed## email, account_nameBoolean
expyExpiration Year of the compromised cardCreditcard, bin6, bin8String
expmExpiration Month of compromised CardCreditcard, bin6, bin8String

An example cyber doc object:

{
docs: [
{
value: "lilo1234",
type: "ACCOUNT_NAME",
uuid: "f8d18fff6b48999af763225b7f8c39248f2ae4e6",
crawled: "2020-04-24T18:31:22.286+03:00",
updated: "2020-06-15T19:37:19.600+03:00",
leaks: [
{
uuid: "7818b58487e97d5a0916941592aa4e3989d341b2",
name: "LiveJournal.com 26M",
filename: "LiveJournal.txt",
breach_date: "2020-05-20T03:00:00.000+03:00",
fields: [
"email",
"account_name",
"password",
],
network: null,
domain: null,
cyber_doc_ref: null,
crawled: "2020-06-10T11:31:08.000+03:00",
additional_info: [
{
password: "a****fi",
is_hashed: false,
}
],
},
{
uuid: "e41fc757ba9ebda00c378e166c5e400c6a3e52b8",
name: "Webkinz 22.98M records",
filename: "webkinz.txt",
breach_date: "2020-04-18T03:00:00.000+03:00",
fields: [
"account_name",
"password",
],
network: null,
domain: null,
cyber_doc_ref: null,
crawled: "2020-04-24T13:36:01.752+03:00",
additional_info: [
{
password: "$1$tPf.R6ez$YkUOpD/J0YoG3iUGvmReH/",
is_hashed: true,
},
{
password: "$1$4ImBPBMf$sNuZ0yTEW9WG.v9nOnmgd/",
is_hashed: true,
},
],
},
{
uuid: "942bb0ad98cbc8d68105260ecf5581ac68861acf",
name: "Poshmark",
filename: "Poshmark.csv",
breach_date: "2019-09-01T03:00:00.000+03:00",
fields: [
"email",
"account_name",
"password",
],
network: null,
domain: null,
cyber_doc_ref: null,
crawled: "2019-12-01T17:35:55.127+02:00",
additional_info: [
{
password: "$2a$10$eY5uq/GxgIeJ1RfAqhldhOd./REgQSo1NM9tP1iF5qdF3ENoj.bJu",
is_hashed: true,
}
],
},
],
}
],
totalDocs: 1,
moreDocsAvailable: 0,
next: "/dbdocFilter?token=[Your Token]&ts=1594650352336",
requestsLeft: 999191,
}

Updated 21 days ago


Output Reference


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.